General

  • Target: 5aca6ab6422dcc3e0ae40dc1209d7f56
  • Size: 286KB
  • Sample: 240114-kjv88afbfl
  • MD5: 5aca6ab6422dcc3e0ae40dc1209d7f56
  • SHA1: 443714fdef58cc799e38e256b7cb15f9a2e911b4
  • SHA256: 173022d6d3ffb92f04e5e5c32d2085aa46c6fcead166f172a2f1012ebb6aeb49
  • SHA512: d93cd9c509d9e8e5d238374698ae6df89a579ea3d4a61129667f24b426cf71f490d24ed8f8d7080a9c6baf12411f0023b05a683ca5365161c0eb3379548e739b
  • SSDEEP: 6144:PLS4rjVhrM0mgdhwcVvWwcyFTYMVuuyOROHNCi:PO4rjV9M0mgzwSmyTEOqMi

Malware Config (extracted)

  • Family: redline
  • Botnet: TEST
  • C2: 193.56.146.78:54955

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • SectopRAT: SectopRAT is a remote access trojan first seen in November 2019.
    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks